 |
|
DAILY NEWS AND INFORMATION
FOR THE GLOBAL GRID COMMUNITY /
|
Breaking News -
Security:
netForensics Solution To Provide
Real-Time Incident Resolution
netForensics Inc, a recognized market leader in Security Information
Management (SIM), announced significant enhancements for its next-generation
SIM solution. This new solution provides customers with support for a
SANS-based, predefined security processes, ensuring that SIM goes beyond
gathering information to enable issue resolution. The new solution enables
customers to gather high volumes of security information, intelligently
interpret the meaning and importance of the data and take action.
Additionally, netForensics announced Security Posture Analysis. With this
element of the solution, security analysts have the ability to monitor the
company's overall security threat score in real time, based on the multi-
dimensional correlation of threats, vulnerabilities and predetermined asset
values. By correlating real-time event data and presenting it in a form that
is not only intuitive but ready to act on, security threats can be quickly
identified and stopped using the new Incident Resolution module.
Web services, utility computing, .NET, CPU harvesting and distributed
computing are just a few of the technologies that fall under the Grid
computing umbrella. Gt04 -- a premiere enterprise Grid computing conference
targeting industrial and commercial users -- will gather experts, and outline
strategies and road maps for Grid deployment. For more information, visit
www.gt04.com.
Grid computing is here!
What sets netForensics solution apart is the automated intelligence
analytics,
real-time incident resolution management and enterprise-class architecture
that do more than simply aggregate security information. netForensics provides
users the ability to address security risks in real time, by presenting
correlated security data in a form that is prioritized and actionable. With
netForensics, security professionals move away from being log readers to
proficient security intelligence analysts. With automated intelligence and
case management technologies, companies gain the ability to efficiently,
consistently and effectively resolve security threats in real time.
"netForensics clearly understands the difficulties involved in making
security
work," said Bill Stevenson, information security officer at New Century
Mortgage Corp. "Wrapping their software around intelligent processes using an
architecture that scales when I need it to, makes them a business partner for
me, not just another vendor."
The new netForensics solution provides:
- Incident Resolution Management (IRM) provides security professionals
with
a
single control point for both event management and incident handling and is
tightly integrated with netForensics as an incident resolution subsystem,
centralizing the case management activities related to events in a security-,
policy- and process-knowledgeable environment. Key elements of IRM include
automated evidence collection and retention based on a well-defined security
process, access to a built-in knowledgebase as well as industry and custom
best practices databases and a robust reporting engine. The intuitive
graphical user interface is easy to follow and because of the netForensics
open architecture, users can customize the remediation workflow to match their
specific security policies and environments.
- Security Posture Analysis takes correlation to the next logical step by
combining results from rules, statistical and vulnerability correlation into a
single security metric which can be represented to the operator. netForensics'
security posture analysis logic provides an even higher degree of confidence
on vulnerabilities reported by multiple alarms.
- User-Based Visualization delivers out-of-the-box, ready to use security
views for business users, security analysts, operations, auditors, network and
system administrators. The views are intended to simplify data presentation
allowing users to focus in on the most critical security threats first, based
on their job function. Although sample views are provided, user can also
create his/her own custom views based on need and preference. Data
presentation can operate in real time, near real time or use a historical
playback mode, and includes exciting new visualization techniques such as
geographical awareness, link map, forward and reverse playback, dynamic real
time Top n views. The views provide context driven actions for faster response
times.
|